#CVE-2023-38408 < OpenSSH 9.3p2
#CVE-2023-51384 < 9.6
#CVE-2023-51385 < 9.6
#CVE-2023-48795 < 9.6
cat /etc/os-version
#EditionName=e
#MinorVersion=1050
uname -a
#Linux localhost.localdomain 4.19.90-2201.4.0.0135.up1.uel20.x86_64 #1 SMP Mon Feb 21 18:36:21 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux
#统信，无yum库可用，经查统信1050e基于openeuler，查询相关仓库有openssh对应可用版本的openssl，使用仓库的rpm更新openssl

wget https://repo.openeuler.org/openEuler-22.03-LTS-SP3/OS/x86_64/Packages/openssl-devel-1.1.1wa-2.oe2203sp3.x86_64.rpm
wget https://repo.openeuler.org/openEuler-22.03-LTS-SP3/OS/x86_64/Packages/glibc-devel-2.34-143.oe2203sp3.x86_64.rpm
wget https://repo.openeuler.org/openEuler-22.03-LTS-SP3/OS/x86_64/Packages/glibc-all-langpacks-2.34-143.oe2203sp3.x86_64.rpm
wget https://repo.openeuler.org/openEuler-22.03-LTS-SP3/OS/x86_64/Packages/glibc-common-2.34-143.oe2203sp3.x86_64.rpm
wget https://repo.openeuler.org/openEuler-22.03-LTS-SP3/OS/x86_64/Packages/glibc-2.34-143.oe2203sp3.x86_64.rpm
wget https://repo.openeuler.org/openEuler-22.03-LTS-SP3/OS/x86_64/Packages/openssl-libs-1.1.1wa-2.oe2203sp3.x86_64.rpm
wget https://repo.openeuler.org/openEuler-22.03-LTS-SP3/OS/x86_64/Packages/openssl-1.1.1wa-2.oe2203sp3.x86_64.rpm
yum install ./*.rpm

wget https://mirrors.aliyun.com/pub/OpenBSD/OpenSSH/portable/openssh-9.6p1.tar.gz
tar -zxvf openssh-9.6p1.tar.gz
cd openssh-9.6p1

CURR_DT="$(date '+%F_%T'|tr -d ":-")"
echo 当前备份号：${CURR_DT}
mkdir -pv /root/ssh_back/${CURR_DT}
cp --parents -a /etc/ssh /root/ssh_back/${CURR_DT}
cp --parents -a /etc/pam.d/sshd /root/ssh_back/${CURR_DT}
cp --parents -a /usr/bin/ssh* /root/ssh_back/${CURR_DT}
cp --parents -a /usr/sbin/sshd* /root/ssh_back/${CURR_DT}
tree /root/ssh_back/${CURR_DT}

./configure --prefix=/usr --sysconfdir=/etc/ssh --with-ipaddr-display --with-4in6
make
make install

sshd -t
service sshd reload